On Sat, Sep 24, 2011 at 9:09 PM, Guy Harris <[email protected]> wrote: > > On Sep 24, 2011, at 9:58 AM, Chris Maynard wrote: > >> Roland Knall <rknall@...> writes: >> >>> On a similar topic, how can you mark a package as malformed? >>> Especially generated packages often fail the openSAFETY dissector, and >>> marking them as malformed seems to make sense in such cases. >> >> Many dissectors make use of the expert infos for this. > > ...which is the right way to do it. Doing it by throwing an exception makes > errors such as "malformed because field XXX is too short" indistinguishable > from "malformed because the packet is missing data at the end", and also > means you stop dissecting at that point.
That is the reason I am asking. I have quite a few assertions in my code now, and although they do the trick, the right way should be malformed in any of these cases. I will update my code now, and provide a patch for the opensafety dissector, as soon as I am done. Roland > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <[email protected]> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:[email protected]?subject=unsubscribe > ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
